fix(pikaoa): 分离测试与生产 Gitea 凭据 key
This commit is contained in:
@@ -519,7 +519,7 @@ sourceAuthority:
|
||||
secretRef:
|
||||
namespace: devops-infra
|
||||
name: gitea-github-sync-secrets
|
||||
key: github-token-pikainc-pikaoa
|
||||
key: github-token-pikainc-pikaoa-release
|
||||
upstream:
|
||||
repository: pikainc/pikaoa
|
||||
cloneUrl: https://github.com/pikainc/pikaoa.git
|
||||
|
||||
@@ -47,6 +47,22 @@ describe("platform-infra Gitea repository GitHub credentials", () => {
|
||||
.not.toBe(githubTokenEnvNameForSecretKey(globalCredential.gitFetchCredential.secretRef.key));
|
||||
});
|
||||
|
||||
test("keeps PikaOA master and release authorities on distinct Secret keys", () => {
|
||||
const config = readGiteaConfig();
|
||||
const testAuthority = config.sourceAuthority.repositories.find((repo) => repo.key === "pikaoa-test-nc01");
|
||||
const productionAuthority = config.sourceAuthority.repositories.find((repo) => repo.key === "pikaoa-nc01");
|
||||
const testKey = testAuthority?.credentialOverride?.github.gitFetchCredential.secretRef.key;
|
||||
const productionKey = productionAuthority?.credentialOverride?.github.gitFetchCredential.secretRef.key;
|
||||
|
||||
expect(testAuthority?.upstream.branch).toBe("master");
|
||||
expect(productionAuthority?.upstream.branch).toBe("release");
|
||||
expect(testKey).toBe("github-token-pikainc-pikaoa");
|
||||
expect(productionKey).toBe("github-token-pikainc-pikaoa-release");
|
||||
expect(productionKey).not.toBe(testKey);
|
||||
expect(githubTokenEnvNameForSecretKey(productionKey ?? ""))
|
||||
.not.toBe(githubTokenEnvNameForSecretKey(testKey ?? ""));
|
||||
});
|
||||
|
||||
test("normalizes Secret keys to bounded environment variable names", () => {
|
||||
expect(githubTokenEnvNameForSecretKey("github-token-pikainc-selfmedia"))
|
||||
.toBe("UNIDESK_GITEA_GITHUB_TOKEN_GITHUB_TOKEN_PIKAINC_SELFMEDIA");
|
||||
|
||||
Reference in New Issue
Block a user